Ruckus SCG™ 200 Tunneling Interface Reference Guide For SmartZone 3.5 Smart Zone (GA) (SCG200) Scg200 35 Guide20170405
2017-04-05
User Manual: Ruckus SmartZone 3.5 (GA) Tunneling Interface Reference Guide (SCG200)
Open the PDF directly: View PDF 
.
Page Count: 33
| Download | |
| Open PDF In Browser | View PDF |
Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 Part Number: 800-71284-001 Rev A Published: 05 April 2017 www.ruckuswireless.com Contents Copyright Notice and Proprietary Information.............................................................................3 About this Guide.........................................................................................................................4 Document Conventions.........................................................................................................4 Terminology..........................................................................................................................5 References............................................................................................................................6 Impacted Systems................................................................................................................7 Legend.................................................................................................................................8 Related Documentation.........................................................................................................8 Online Training Resources.....................................................................................................8 Documentation Feedback.....................................................................................................8 1 Core Network Protocols Overview...............................................................................................................................9 Core Network Protocols......................................................................................................11 L2oGRE........................................................................................................................11 L2oGRE with TTG PDG Profile with 802.1x Authentication............................................13 Bridge Mode - (0-2 tags)...............................................................................................14 GTP Tunnel with GGSN (GTPv1)...................................................................................15 2 3rd Party Access Network Protocol Access Network..................................................................................................................19 3rd Party AP Zone.........................................................................................................19 L2oGRE........................................................................................................................20 QinQ (L2).......................................................................................................................22 3rd Party Session Termination.......................................................................................24 3 Tunnel Combinations and DHCP Processing Tunnel Combinations..........................................................................................................27 DHCP Processing...............................................................................................................28 DHCP Relay..................................................................................................................28 DHCP Option 82...........................................................................................................29 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 2 3 Copyright Notice and Proprietary Information Copyright 2017. Ruckus Wireless, Inc. All rights reserved. No part of this documentation may be used, reproduced, transmitted, or translated, in any form or by any means, electronic, mechanical, manual, optical, or otherwise, without prior written permission of Ruckus Wireless, Inc. (“Ruckus”), or as expressly provided by under license from Ruckus. Destination Control Statement Technical data contained in this publication may be subject to the export control laws of the United States of America. Disclosure to nationals of other countries contrary to United States law is prohibited. It is the reader’s responsibility to determine the applicable regulations and to comply with them. Disclaimer THIS DOCUMENTATION AND ALL INFORMATION CONTAINED HEREIN (“MATERIAL”) IS PROVIDED FOR GENERAL INFORMATION PURPOSES ONLY. RUCKUS AND ITS LICENSORS MAKE NO WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, WITH REGARD TO THE MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE, OR THAT THE MATERIAL IS ERROR-FREE, ACCURATE OR RELIABLE. RUCKUS RESERVES THE RIGHT TO MAKE CHANGES OR UPDATES TO THE MATERIAL AT ANY TIME. Limitation of Liability IN NO EVENT SHALL RUCKUS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES, OR DAMAGES FOR LOSS OF PROFITS, REVENUE, DATA OR USE, INCURRED BY YOU OR ANY THIRD PARTY, WHETHER IN AN ACTION IN CONTRACT OR TORT, ARISING FROM YOUR ACCESS TO, OR USE OF, THE MATERIAL. Trademarks Ruckus Wireless, Ruckus, the bark logo, BeamFlex, ChannelFly, Dynamic PSK, FlexMaster, Simply Better Wireless, SmartCell, SmartMesh, SmartZone, Unleashed, ZoneDirector and ZoneFlex are trademarks of Ruckus Wireless, Inc. in the United States and other countries. All other product or company names may be trademarks of their respective owners. Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 3 4 About this Guide This Ruckus Wireless™ SmartCell Gateway™ (SCG) 200 Tunneling Interface Reference Guide describes the AP networking protocols supported in the access and core networks. This guide is written for service operators and system administrators who are responsible for managing, configuring, and troubleshooting Ruckus Wireless devices. Consequently, it assumes a basic working knowledge of local area networks, wireless networking, and wireless devices. . NOTE Refer to the release notes shipped with your product to be aware of certain challenges when upgrading to the latest version of SmartZone. Most user guides and release notes are available in Adobe Acrobat Reader Portable Document Format (PDF) or HTML on the Ruckus Wireless Support Web site at https://support.ruckuswireless.com/contact-us. Document Conventions Table 1: Text conventions on page 4 and Table 2: Notice conventions on page 5 list the text and notice conventions that are used throughout this guide. Table 1: Text conventions Convention Description message phrase Represents information as it [Device Name] > appears on screen user input Represents information that [Device Name] > you enter set ipaddr 10.0.0.12 user interface controls Keyboard keys, software buttons, and field names screen or page names Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 Example Click Start > All Programs Click Advanced Settings. The Advanced Settings page appears. 4 About this Guide Terminology Table 2: Notice conventions Notice type Description NOTE Information that describes important features or instructions CAUTION! WARNING! Information that alerts you to potential loss of data or potential damage to an application, system, or device Information that alerts you to potential personal injury Terminology The table lists the terms used in this guide. Table 3: Terms used in this guide Terminology Description BRI Binding Revocation Indication Control Plane SCG Control Plane CVLAN Customer VLAN Data Plane SCG Data Plane DHCP Dynamic Host Configuration Protocol (DHCP) DM Disconnect Message EPC Evolved Packet Core EPS Evolved Packet System fwd_policy Forwarding policy to identify one of the supported network protocol types G-PDU GTP Packet Data Unit GGSN Gateway GPRS Support Node GTP GPRS Tunneling Protocol ICMP Internet Control Message Protocol L2oGRE Standard GRE (version 0 no options) of Ethernet packets L2oGRE Layer 2 over GRE Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 5 About this Guide References Terminology Description LBO Local Breakout Traffic LMA Local Mobility Anchor MAG Mobile Access Gateway MAG Mobile Access Gateway MN Mobile Node PDG Packet Data Gateway PDN Packet Data Network PGW PDN Gateway RADIUS Remote Access Dial-Up User Service SGW Serving Gateway SVLAN Service VLAN TEIDs Tunnel End Point Identifiers TTG Tunnel Termination Gateway References Table 4: References used on page 6 lists the specifications and standards that are referred to in this guide. Table 4: References used 6 No. Reference Description 1 RFC 2784 Generic Routing Encapsulation (GRE) 2 IEEE 802.1ad Provider Bridges Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 About this Guide Impacted Systems Impacted Systems Table 5: Impacted Systems on page 7 lists the impacted systems. Table 5: Impacted Systems Term Description Control plane • User Interface – Configuration and statistics reporting • Configuration - For core network tunnel destinations • New access - Network type configuration for 3rd Party AP Zones • Session Manager – Supports additional core network tunnel types • ICD Message - Enhancements to support additional forwarding policy • AAA Proxy - Supports additional forward policy – L2oGRE and QinQ Data plane • Statistics reporting per: • User per forward policy • Access network type • Core network type • Datacore for: • New forward policy • I/O modules for L2oGRE (both access and core) • QinQ for core network side traffic Access Point (AP) Hostpad - New forward policy support for L2oGRE Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 7 Legend Table 6: Legend used on page 8 lists the legend/presence code used in this guide. Table 6: Legend used Legend Description M Mandatory O Optional C Conditional Related Documentation For a complete list of documents that accompany this release, refer to the Release Notes. Online Training Resources To access a variety of online Ruckus Wireless training modules, including free introductory courses to wireless networking essentials, site surveys, and Ruckus Wireless products, visit the Ruckus Wireless Training Portal at: https://training.ruckuswireless.com. Documentation Feedback Ruckus Wireless™ is interested in improving its documentation and welcomes your comments and suggestions. You can email your comments to Ruckus Wireless at: docs@ruckuswireless.com When contacting us, please include the following information: • • • • Document title Document part number (on the cover page) Page number (if appropriate) For example: • Tunneling Interface Reference Guide for SmartZone 3.5 • Part number: 800-71284-001 • Page 88 9 Core Network Protocols 1 Overview This interface reference guide describes the supported protocols for user equipment (UE) access and core network traffic. This includes supporting additional tunnel types (both access and core), core network forwarding rules and new networking protocols (both access and core). On the core network, UE traffic from APs along with next-hop destinations based on forwarding policy supports: • L2oGRE, which establishes a GRE tunnel to the core network forwarding gateway along with an Ethernet payload. That is, the client's MAC is available to the next hop gateway. In addition, data plane supports in sending non-tunneled packets to the core network with optional VLAN or QinQ tags. • On the access network, UE traffic from 3rd Party APs is sent to the data plane via an L2oGRE tunnel, or alternatively a QinQ tunnel configuration on the access network. This is in addition to QinQ packets on the access network. The configuration is per zone with specifications of the IP range of the connecting tunnel endpoint. The tunnel is accepted and the UE packet is accepted (based on per zone authentication settings) as long as the IP address of the GRE tunnel endpoint is within that range. Figure 1: Tunneling Interface on page 10 shows the tunneling interface and its various tunneling interfaces. Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 9 Core Network Protocols Overview Figure 1: Tunneling Interface 10 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 Core Network Protocols Core Network Protocols Core Network Protocols Each user equipment (UE) is mapped to one single core network protocol type. A maximum of 64 core gateways is supported, which translates to supporting 32 GGSNs and 64 GRE core gateways including L2oGRE in any combination. This section covers: • • • • • L2oGRE on page 11 L2oGRE with TTG PDG Profile with 802.1x Authentication on page 13 Bridge Mode - (0-2 tags) on page 14 GTP Tunnel with GGSN (GTPv1) on page 15 GTP Tunnel with PGW (GTPv2) L2oGRE L2oGRE is a core network tunneling protocol, with the following features: • The GRE header protocol type is 0x6558 • The GRE payload includes Ethernet header for the UE. • The only supported combination of access network protocol type is L2, which includes Ruckus GRE and L2oGRE. • ARPs are forwarded to the L2oGRE tunnel. • DHCP relay function is optionally configured. If it is not configured, the DHCP packets are forwarded in the L2oGRE tunnel. KeepAlive can be configured to L2oGRE gateway. The only KeepAlive mechanism supported is ICMP echo/reply messages, which are sent or received from L2oGRE gateway. The period for sending KeepAlive is m seconds (default = 10 seconds) and the total number of retries is n (default counter is 3). The values for m and n are configurable from command-line interface (CLI). KeepAlive will always be answered, if it is received from the L2oGRE gateway. The data plane sends a KeepAlive packet only if no user traffic is received from the L2oGRE gateway within the KeepAlive period. An event is generated indicating that the L2oGRE gateway is unreachable when the maximum number of retries exceeds. This event occurs when L2oGRE does not receive an ICMP reply to an ICMP request sent from the datablade. Figure 2: L2oGRE control and data traffic flow on page 11 displays the L2oGRE traffic flow. Figure 2: L2oGRE control and data traffic flow Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 11 Core Network Protocols Core Network Protocols When redundant L2oGRE gateways are configured, the KeepAlive will be enabled by default. At init time, the first configured gateway will be active. The KeepAlive failures will trigger a switchover to the backup gateway. After the switchover, though the first gateway becomes available, the switchover will not revert until the current active gateway is alive. NOTE For information on how to configure L2oGRE, refer to the SmartCell Gateway 200 Administrator Guide (PDF) or the SmartCell Gateway 200 Online Help, which is accessible from the SCG user interface. 12 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 Core Network Protocols Core Network Protocols L2oGRE with TTG PDG Profile with 802.1x Authentication This network protocol supports authentication of user equipment (UE) tunnel traffic from 3rd party access points (APs) using 802.1X, via L2oGRE tunnels. 3rd party AP UE's using 802.1X authentication is already supported with QinQ access and LBO core forwarding by configuring the TTG+PDG profile. The UE authentication is similar to QinQ and LBO expects that the UE packet is seen at the data plane from an L2oGRE tunnel. This means that the L2oGRE and LBO path is already supported for the parameter auth_type. In this particular path, as long as the L2oGRE AP can be mapped to a configured zone (based on IP address range), the UE packet will be accepted and forwarded. The datacore verifies the unknown UE's coming from the AP in the L2oGRE LBO zone before forwarding the UE packets. The following are the UE packet processing steps. 1. UE associated with AP successfully is authenticated through 802.1X 2. The authenticated UE traffic is sent to data plane through the L2oGRE tunnel. 3. The data blade receives the first UE packet (L2oGRE encapsulated). This could either be the DHCP packet or any other IP packet (roaming to another data plane) 4. If the UE entry is not found, the datablade (GTpmgr) sends a GET user equipment request to the sessions manager for data trigger type 0 using the UE MAC address. 5. Sessions manager will send GET user equipment response with route type to data plane. 6. Subsequent UE packets are bridged out, VLAN/QinQ tagging rules will be as per the configuration. 7. When MAC aging happens at datap lane due to the user equipment being inactive, the data plane (GTPmgr) sends an UE delete request to the sessions manager for deleting an entry. 8. If the UE returns or moves to another data plane, the status query process for unknown UE is called again. Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 13 Core Network Protocols Core Network Protocols Bridge Mode - (0-2 tags) Traffic from user equipments (UE) are QinQ tagged and bridged out to the core network as seen in Figure 3: QinQ Core Network on page 15. The core VLAN type can be either QinQ or preserve the access VLAN (1 tag). For core network traffic, the QinQ traffic is considered as a type of LBO traffic or VLAN (single) or untagged traffic. 14 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 Core Network Protocols Core Network Protocols Figure 3: QinQ Core Network NOTE For information on how to configure QinQ, refer to the SmartCell Gateway 200 Administrator Guide (PDF) or the SmartCell Gateway 200 Online Help, which is accessible from the SCG user interface. The bridge mode now supports optional DHCP relay function. If it is enabled the user equipment’s DHCP packets are relayed to a configured DHCP server. Option 82 sub-option configurations are the same as before. GTP Tunnel with GGSN (GTPv1) Gn interface is used in controlling the signal between the SCG and Gateway GPRS Support Node (GGSN) as well as for tunneling end user data payload within the backbone network between both the nodes. GTP (GPRS Tunneling Protocol ) transmits user data packets and signaling between SCG and GGSN. GTP encapsulates traffic and creates GTP tunnels, which act as virtual data channels for transmission of packet data between SCG and GGSN. A GTP tunnel is established between SCG and GGSN through create PDP (Packet Data Protocol) context procedure for a data session initiated from user equipment (UE). Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 15 Core Network Protocols Core Network Protocols A GTP tunnel is identified by a pair of IP addresses and a pair of GTP Tunnel End Point Identifiers (TEIDs), where one IP address and TEID is for the SGSN and the other is for the GGSN. TEID is a session identifier used by GTP protocol entities in the SGSN (Serving GPRS Support Node) and in the GGSN. The two TEID are defined each for GTP-C (GTP control) and GTP-U ( GTP user data tunneling). GTP-U is a tunneling mechanism that provides a service for carrying user data packets. On both planes, a GTP header encapsulates the data package, called G-PDU, and a path implemented by UDP (User Datagram Protocol ) or IP address is used as bearer of the GTP traffic. GTP-C is a tunnel control and management protocol and is used to create, modify and delete tunnels. NOTE For information on tunnel and path messages, refer to the SmartCell Gateway 200 Gn Interface Reference Guide (PDF). The SCG supports the following categories of GTP signaling traffic: 1. Path management messages - The main purpose of these messages is to supervise an UDP/IP address path to ensure that connectivity failure can be detected on time. This is managed by frequently sending GTP echo request or response packets between the SCG and the GGSN. 2. Tunnel management messages - These contain messages that establish, modify and release GTP tunnels. Figure 4: Message Flow Between the SCG and GGSN on page 16 shows the message flow between the SCG and the GGSN for establishing a GTP tunnel. Figure 4: Message Flow Between the SCG and GGSN 16 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 Core Network Protocols Core Network Protocols The below figure shows the Gn interface flow. Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 17 Figure 5: Gn Interface Flow 19 3rd Party Access Network Protocol 2 Access Network The SCG supports two types of access network for 3rd party, namely QinQ and L2oGRE. Figure 6: Data traffic from 3rd party AP to the SCG on page 19 shows the 3rd party AP flow. Figure 6: Data traffic from 3rd party AP to the SCG 3rd Party AP Zone The SCG connects to 3rd party AP zones in the same way as that of Ruckus Wireless APs. The SCG receives RADIUS messages directly from 3rd party AP and supports multiple 3rd party AP zones. The SCG accepts UE data traffic from 3rd party APs from access networks via L2oGRE tunnels APs or QinQ tags. The UE MAC is available from the UE packet. Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 19 3rd Party Access Network Protocol Access Network 3rd party APs are managed by 3rd party AP SCG, where the SCG acts as WAG. An access network protocol is defined for each 3rd party AP zone. The options are L2oGRE or QinQ. For 3rd party AP zones using L2oGRE access, traffic is accepted from the 3rd party APs using the access network provided to match a configured list of AP address range. 3rd party AP zones can also be configured with QinQ as the access network protocol. For traffic from these zones, the UE packets are QinQ tagged, and the SVLAN/CVLAN tags must match one of the defined ranges of SVLAN/CVLAN configured for that zone. 3rd party AP-Zone to data plane is a 1:1 mapping. No data plane redundancy is offered for 3rd party APs. Each 3rd party AP Zone is identified by a list of IP addresses, range, and subnets used by the APs for sending RADIUS traffic to the SCG. A 3rd party AP Zone ID is generated internally for each zone. Authentication and accounting procedures supported are same as Ruckus Wireless APs. 3rd party AP Zone support different northbound tunnels for Ruckus WLAN. L2oGRE 3rd party AP sends GRE encapsulated packet to the datablade, which has the header form as seen in Figure 7: L2oGRE header on page 20. Figure 7: L2oGRE header Ethernet 802.3 packet is the payload from the UE and includes UE MAC. On receiving the datacore, it first verifies if the packets are from the supported APs. An L2oGRE packet does not necessarily come directly from the AP. There could be one or more intermediate routers indicating that the MAC address may not be that of the AP. The IP address is used for identifying the AP. The attribute src_ip address matches and identifies the 3rd party AP zone, which sends the packet and forwards it to the GRE input module for processing. The GRE packet 20 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 3rd Party Access Network Protocol Access Network header stores the appropriate information in the packet descriptor. For 3rd party AP packets, it includes AP Zone ID and/or the network traffic profile associated with the AP zone. The GRE input also maintains the AP table, including statistics. For 3rd party APs, if the attribute, src_ip address is within the range, the tunnel is automatically created. It does not require a setup. The AP table is for 3rd party AP only and entries are timed-out periodically based on the in-activity. The complete UE Ethernet packet is passed to the forward packet module, which is responsible for forwarding the packet based on the rules and service policies. NOTE For information on how to configure L2oGRE, refer to the SmartCell Gateway 200 Administrator Guide (PDF) or the SmartCell Gateway 200 Online Help, which is accessible from the SCG Web interface. L2oGRE and Bridge In the user interface, the administrator user configures the access network as L2oGRE and the core network as Bridge. UE packets from the access network are sent to the data plane inside a layer 2 GRE tunnel. L2oGRE packets with outer source IP within the configured ranges are accepted. The fwd_policy in this configuration is to bridge the inner UE packet to the core-side network with 0, 1 or 2 VLAN tags as configured. See Figure 8: 3rd party using L2oGRE and Bridge on page 22 for the schematic flow of 3rd party APs using L2oGRE and Bridge. Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 21 3rd Party Access Network Protocol Access Network Figure 8: 3rd party using L2oGRE and Bridge QinQ (L2) Wi-Fi clients associated with 3rd party AP zones using QinQ access can be configured to be bridged to the core network with 0, 1 or 2 VLAN tags. On the access network, UE traffic from 3rd party APs is sent to the data plane as QinQ tagged packets. The configuration is as per the zone specifying the accepted SVLAN and CVLAN ranges of QinQ tags. The UE packet is accepted (based on per zone authentication settings) provided the QinQ tags of the packet are within the configured range. In the user interface, when the administrator user configures the Access Network as QinQ and the Core Network as Bridge, the SCG acts as the RADIUS proxy and is managed by the AP SCG. The AP acts like a RADIUS client and uses 802.1X/EAP for authentication. The client traffic is forwarded to the SCG via QinQ. The SCG support multiple 3rd party zones. QinQ is configured per 3rd party AP zone, which accesses UE traffic arriving at the data plane as tagged packets (double VLAN). QinQ access packets are recognized by configuring SVLAN/ CVLAN range in 3rd party AP zone configuration as seen in Figure 9: 3rd party using QinQ and Bridge on page 23. SVLAN/CVLAN range does not overlap between the zones. 22 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 3rd Party Access Network Protocol Access Network NOTE The SCG does not support roaming for 3rd party APs. Figure 9: 3rd party using QinQ and Bridge NOTE For information on how to configure QinQ, refer to the SmartCell Gateway 200 Administrator Guide (PDF) or the SmartCell Gateway 200 Online Help, which is accessible from the SCG Web interface. QinQ and TTG+PDG 3rd party AP zones can be configured for Wi-Fi client traffic to be sent to the data plane as QinQ tagged packets, which is then forwarded to the core network as per the configuration in the TTG+PDG profile. Wi-Fi client's traffic is forwarded to the SCG using QinQ tags ensuring that UE MAC is present in frames coming from AP into data plane. With the TTG+PDG profile, the fwd_policy that will be applied for each UE session is determined during authentication. The fwd_policy choices are either TTG (forwarding to a GGSN) or PDG (local break out at the SCG). In the user interface, when the administrator user configures the access network as QinQ and the core network as TTG+PDG, the SCG acts as the RADIUS proxy. 3rd party AP acts like a RADIUS client and uses 802.1X/EAP to perform authentication. The client Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 23 3rd Party Access Network Protocol Access Network traffic is forwarded to the SCG via QinQ. Figure 10: 3rd party using QinQ and TTG+PDG on page 24 shows the access flows of 3rd party APs using QinQ and TTG+PDG. 3rd party APs are managed by the 3rd party AP SCG. The SCG supports multiple 3rd party zones. 3rd party APs are managed by the 3rd party AP SCG. The SCG supports multiple 3rd party zones. NOTE The SCG does not support roaming for 3rd party APs. Figure 10: 3rd party using QinQ and TTG+PDG 3rd Party Session Termination TTG session termination procedures for UEs associated to 3rd party AP differ from Ruckus APs call flows. In this case, the control plane sends the RADIUS DM message to the AP. When a session is to be terminated (GGSN/HLR/Admin initiated) control plane uses the 3rd party AP’s IP address to build and send the RADIUS DM message to the AP. It is possible that 3rd party AP does not support RADIUS DM or 3rd party APs residing behind a NAT device. During an IP address assignment, the control plane DHCP server provides a finite lease time (for TTG sessions). If the session is deleted in the SCG and the association still exists, all data packets coming from UE are discarded. When UE 24 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 3rd Party Access Network Protocol Access Network initiates DHCP renew/rebind procedure, the SCG denies the renewal/rebind. Once this is denied, it automatically disassociates itself and starts a new connection. In case of PDG session termination, an age out event is sent to the control plane. The session also gets terminated, if the UE session ages out or when a session deletes a control plane or the data plane ages out the entry. Alternatively a user can build an API to delete the entry. Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 25 3rd Party Access Network Protocol Access Network 26 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 27 3 Tunnel Combinations and DHCP Processing Tunnel Combinations Table 7: Tunnel combinations on page 27 lists the tunnel combinations for Ruckus Wireless and 3rd Party APs. Table 7: Tunnel combinations AP Type Access Core Authentication Open Hotspot 802.1X MAC Hotspot (WISPr) EAP Address 2.0 Ruckus RGRE Bridge (0-2 tags) X X X X X Ruckus RGRE L2oGRE X X X X X Ruckus RGRE TTG+PDG (0-2 tags) X X Ruckus RGRE Mixed Tunnel Mode X X 3rd Party QinQ Bridge (0-2 tags) 3rd Party QinQ TTG+PDG (0-2 tags) 3rd Party L2oGRE Bridge (0-2 tags) X X X X 3rd Party L2oGRE TTG+PDG (0-2 tags) Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 X X X 27 Tunnel Combinations and DHCP Processing DHCP Processing DHCP Processing DHCP relay processing is automatically enabled if the core forwarding profile is TTG+PDG, which means that user configuration is not required. DHCP server is always - control plane DHCP server. The DHCP relay function data plane relays all UE packets to the SCG DHCP server. For Ruckus GRE packets, the outer Ethernet/IP/UDP/GRE headers are stripped to recover the UE packet. For 3rd Party AP QinQ access packets, the QinQ tags are removed before the UE DHCP packet is forwarded to the DHCP server. Control plane verifies whether the UE has been authenticated and if the session is PDG or TTG. If the UE entry is not found, DHCP discover packet is silently dropped. For TTG configuration, the control plane establishes the GTP tunnel to GGSN and notifies the data plane of the assigned IP address. The DHCP function on the data plane will then answer the UE's DHCP requests packets with the UE's assigned IP address. For UE from Ruckus APs, the DHCP reply packets are sent back via the Ruckus GRE tunnel. For UE from 3rd Party APs, the DHCP reply packet is tagged with the appropriate SVLAN/CVLAN and sent back to the UE. If the control plane is unable to establish the GTP tunnel to GGSN or if the UE is not authenticated, the control plane silently drops the DHCP discover message. For PDG configuration, the control plane responds with DHCP NAK including the northbound VLAN tag options used by the data plane, which is forwarded to the DHCP discover on the northbound interface to an external DHCP server. Option 82 conveys this information. This section covers: • DHCP Relay on page 28 • DHCP Option 82 on page 29 DHCP Relay DHCP relay is supported for all core network protocol types, when configured. For access network, the DHCP relay supports only L2 access traffic, which includes RuckusGRE, QinQ (L2). The DHCP relay function is configurable on a per AP zone basis. The SCG supports configuration of two DHCP servers per DHCP relay setting where one is in active mode and the other is in standby mode. All DHCP relay traffic will be forwarded to the active DHCP server. Data plane keeps track of the timestamps for DHCP packets sent to or received from the active DHCP server. If the user is unable to see any packets from the DHCP server in the configured time interval, the server is considered as unreachable and subsequent DHCP packets are sent to the standby server. An event is generated to notify the control plane. For sending to DHCP servers, the DHCP relay agent's IP address is the interface IP address based on the routing table settings. It is the operator's responsibility to set the 28 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 Tunnel Combinations and DHCP Processing DHCP Processing routes to allow the DHCP server to be reachable. In SCG, a secondary IP address is configurable on the data plane to support sending to DHCP servers, which could be in a private network. For TTG+PDG traffic, the DHCP function in the dataplane will always be active and does not require any configuration. DHCP Option 82 By default, the DHCP Option 82 Circuit_ID is set with the following information: • AP_IP:AP_Mac:SVLAN:VLAN:Zone_ID:SSID_string • SSID_string stands for WLAN SSID • For QinQ(L2) access, the SVLAN/VLAN is included in the Circuit_ID sub-option. The AP_IP and AP_MAC fields are NULL. • For non-QinQ access, SVLAN field is null and VLAN field includes the VLAN_ID. If the UE packet is VLAN tagged, the AP IP address will always be included. AP MAC is included only for Ruckus APs. • The Zone ID field includes the 16-bit Zone ID from the zone config table in hex characters. • Option 82 D-blade IP includes the data plane's IP and MAC address, which is e separated by a colon. This is the interface address required for sending it to the core GW. Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 29 Tunnel Combinations and DHCP Processing DHCP Processing 30 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 Index 3rd party 13 3rd Party 27 3rd party AP SCG 19 3rd Party AP Zone 19 3rd Party Session Termination 24 3rd party using QinQ and Bridge 22 GRE encapsulated packet 20 GTP tunnel 15 K KeepAlive 11 A L access network 9, 23 Access Network 19 access network protocol 19 access point 13 accounting procedures 19 AP address range 19 AP table 20 authentication 13 Authentication 19 L2 access traffic 28 L20GRE 13 L2oGRE 9, 11, 20, 27 L2oGRE and Bridge 21 L2oGRE header 20 legal 3 M Mixed Tunnel Mode 27 B Bridge (0-2 tags) 27 bridge mode 14 bridged 22 C client traffic 23 control plane 24 Control plane 28 copyright information 3 core forwarding 28 core network 9, 11, 23 core network protocols 11 D data packets 24 data plane 9, 22–23, 28 DHCP Option 82 29 DHCP Processing 28 DHCP Relay 28 DHCP relay processing 28 DHCP relay traffic 28 N new network 9 non-QinQ access 29 northbound tunnels 19 northbound VLAN 28 O Option 82 28 overview 9 P packet header 20 path management message 15 PDG 23 protocol type 11 Q QinQ 27 QinQ (L2) 22 QinQ access packets 28 QinQ(L2) access 29 F forward packet module 20 R G RGRE 27 Ruckus 27 Gn interface 15 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 31 32 | Index | S SCG 19 src_ip address 20 SSID_string 29 T timestamps 28 trademarks 3 traffic 14 TTG PDG 13 TTG session termination 24 TTG+PDG 23 TTG+PDG (0-2 tags) 27 Tunnel Combinations 27 tunnel management message 15 tunnel type 9 U user configuration 28 user equipment 11, 13–14 Z Zone ID 29 32 Ruckus Wireless™ SmartCell Gateway™ 200 Tunnelling Interface Reference Guide for SmartZone 3.5 Copyright © 2017. Ruckus Wireless, Inc. 350 West Java Drive, Sunnyvale, CA www.ruckuswireless.com
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.6 Linearized : Yes Author : Ruckus Wireless™, Inc. Create Date : 2017:04:05 10:54:38Z Modify Date : 2017:04:05 16:29:16+05:30 Subject : SCG™ 200 Tunneling Interface Reference Guide for SmartZone 3.5 Has XFA : No XMP Toolkit : Adobe XMP Core 5.4-c006 80.159825, 2016/09/16-03:31:08 Format : application/pdf Title : SCG™ 200 Tunneling Interface Reference Guide for SmartZone 3.5 Creator : Ruckus Wireless™, Inc. Description : SCG™ 200 Tunneling Interface Reference Guide for SmartZone 3.5 Producer : XEP 4.22 build 2013 Trapped : False Creator Tool : Unknown Metadata Date : 2017:04:05 16:29:16+05:30 Document ID : uuid:df5b7711-80f9-47f1-979c-4dea94a3a893 Instance ID : uuid:d5e3a7da-a2a2-430d-abad-3ee56a3b27d8 Page Mode : UseOutlines Page Count : 33EXIF Metadata provided by EXIF.tools